Skip to main content
FolioKit
Demo

Privacy Policy

Last updated: December 4, 2025

1. Introduction

FolioKit ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our portfolio builder service at foliokit.app and foliok.it (collectively, the "Service").

By using the Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided)
  • Profile picture (if using social login)
  • Username you select
  • Authentication data from your identity provider (Google, LinkedIn, etc.)

2.2 Portfolio Content

We collect the content you create and upload, including:

  • Professional information (job titles, company names, dates)
  • Skills and expertise
  • Project descriptions and details
  • Education history
  • Bio and personal statements
  • Contact information you choose to display
  • Social media links
  • Profile images

2.3 LinkedIn PDF Data

If you use our LinkedIn import feature, we process the PDF file you upload to extract professional information. The PDF is processed temporarily and is not stored after content extraction is complete.

2.4 Usage and Analytics Data

We automatically collect certain information when portfolios are viewed:

  • Page view timestamps
  • Device type (mobile, tablet, desktop)
  • Browser type and version
  • Referring URL (how visitors found your portfolio)
  • General geographic region (country/region level)

We do not collect or store IP addresses or precise location data. Analytics are aggregated and used to provide you with portfolio performance insights.

2.5 Payment Information

If you subscribe to a paid plan, payment information (credit card numbers, billing address) is collected and processed directly by Stripe, our payment processor. We do not store your full payment card details on our servers. We receive only a payment token and basic transaction information from Stripe.

2.6 Communications

If you contact us via email or the contact form, we collect your email address and the content of your message to respond to your inquiry.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Create and manage your account
  • Host and display your portfolio at your chosen URL
  • Process AI-powered content generation from LinkedIn PDFs
  • Provide analytics about portfolio views and engagement
  • Process payments and manage subscriptions
  • Send transactional emails (account confirmations, password resets)
  • Respond to your inquiries and support requests
  • Detect and prevent fraud, abuse, and security issues
  • Comply with legal obligations

4. Third-Party Services

We use trusted third-party services to provide the Service. Each has their own privacy policies governing their use of your data:

4.1 Clerk (Authentication)

We use Clerk for user authentication and account management. Clerk processes your login credentials and profile information.
Clerk Privacy Policy

4.2 Convex (Database)

Your portfolio data is stored in Convex, a real-time database service.
Convex Privacy Policy

4.3 Stripe (Payments)

Payment processing is handled by Stripe. When you subscribe to a paid plan, your payment information is collected and processed directly by Stripe.
Stripe Privacy Policy

4.4 Anthropic (AI Processing)

We use Anthropic's Claude AI to process LinkedIn PDFs and generate portfolio content. Uploaded PDF content is sent to Anthropic for processing. Anthropic does not use this data to train their models.
Anthropic Privacy Policy

4.5 Resend (Email)

We use Resend to send transactional emails and contact form submissions.
Resend Privacy Policy

4.6 Cloudflare (Hosting)

Our Service is hosted on Cloudflare Pages. Cloudflare may collect basic access logs.
Cloudflare Privacy Policy

4.7 Sentry (Error Monitoring)

We use Sentry to monitor and fix errors in our Service. Error reports may include technical information about your browser and session.
Sentry Privacy Policy

5. Cookies and Tracking Technologies

We use limited cookies and similar technologies:

  • Authentication cookies: Essential cookies set by Clerk to maintain your login session.
  • Preference cookies: To remember your settings (e.g., dark mode preference).

We do not use advertising cookies or third-party tracking pixels. We do not sell your data to advertisers.

6. Data Retention

  • Account data: Retained while your account is active and for a reasonable period after deletion to comply with legal obligations.
  • Portfolio content: Retained until you delete it or close your account.
  • Analytics data: Aggregated analytics are retained indefinitely. Raw view events are retained for up to 24 months.
  • LinkedIn PDFs: Processed temporarily and deleted immediately after content extraction.
  • Payment records: Transaction records are retained as required by law (typically 7 years for tax purposes).

7. Your Rights and Choices

Depending on your location, you may have the following rights:

7.1 Access and Portability

You can access your portfolio data at any time through your account. You may request a copy of your data by contacting us.

7.2 Correction

You can update or correct your information at any time using the Service's editing tools or by contacting us.

7.3 Deletion

You can delete your account by contacting us at support@foliokit.app. Upon deletion, we will remove your portfolio content and personal information, except as required by law or for legitimate business purposes.

7.4 Opt-Out

You can unpublish your portfolio at any time to make it private. You can unsubscribe from non-essential emails using the link provided in each email.

8. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure authentication through Clerk
  • Access controls and authentication for our systems
  • Regular security reviews and updates

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

9. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in the United States and other countries where our service providers operate. By using the Service, you consent to such transfers. We ensure appropriate safeguards are in place when transferring data internationally.

11. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your information, and the right to opt-out of the sale of your information. We do not sell personal information.

12. European Privacy Rights

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:

  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

Our legal basis for processing your data is typically your consent (for account creation) or legitimate interests (for operating the Service).

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: